builder.nix
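# NixOS profile: use the builders described in ops/hosts.toml as remote Nix
# build machines.
#
# When `profiles.externalbuilder.enable` is set, this module turns on
# distributed builds, registers shikoku and aomi as build machines (dropping
# whichever entry has the address of the host being configured), and pins the
# SSH host keys of both builders.
{ config, lib, pkgs, ... }:

let
  inherit (lib) mkIf mkEnableOption importTOML filter;
  cfg = config.profiles.externalbuilder;
  metadata = importTOML ../../../ops/hosts.toml;

  # IPv4 address of the host being configured. `or` covers every missing
  # attribute along the path, so a host that is absent from hosts.toml (or has
  # no addrs.v4) yields the sentinel instead of aborting evaluation with a
  # "missing attribute" error. The sentinel is not expected to equal any
  # builder address, so in that case no entry is filtered out.
  currentHostIP =
    metadata.hosts.${config.networking.hostName}.addrs.v4 or "0.0.0.0";

  # True for build machines whose address differs from this host's, i.e. the
  # entries that should be kept: a machine does not list itself as a remote
  # builder.
  isRemoteHost = machine: machine.hostName != currentHostIP;
in
{
  options = {
    profiles.externalbuilder = {
      enable = mkEnableOption "Enable externalbuilder profile";
    };
  };

  config = mkIf cfg.enable {
    nix.distributedBuilds = true;

    # FIXME Redo this later
    # sops.secrets.builder = {
    #   sopsFile = ../../../secrets/builder.yaml;
    #   mode = "600";
    #   path = "/etc/nix/builder.key";
    # };
    #
    # NOTE(review): while this stays disabled, no `sshKey` is set on the build
    # machines below, so authentication relies on whatever SSH identity the
    # building user (root on NixOS) already has configured. Confirm that
    # identity is a dedicated key that is only authorised for the `builder`
    # account on the builders, not a general-purpose admin key.

    nix.buildMachines = filter isRemoteHost [
      {
        hostName = "${metadata.hosts.shikoku.addrs.v4}";
        maxJobs = metadata.hosts.shikoku.builder.maxJobs;
        sshUser = "builder";
        # sshKey = config.sops.secrets.builder.path;
        systems = metadata.hosts.shikoku.builder.systems;
        supportedFeatures = metadata.hosts.shikoku.builder.features;
      }
      {
        hostName = "${metadata.hosts.aomi.addrs.v4}";
        maxJobs = metadata.hosts.aomi.builder.maxJobs;
        sshUser = "builder";
        # sshKey = config.sops.secrets.builder.path;
        systems = metadata.hosts.aomi.builder.systems;
        supportedFeatures = metadata.hosts.aomi.builder.features;
      }
    ];

    # Pin the builders' SSH host keys system-wide so connections to them are
    # checked against these keys rather than accepted on first use. Each key is
    # bound to both the `.home` name and the IPv4 address from hosts.toml, so a
    # change to either the address in hosts.toml or a builder's host key has to
    # be reflected (and reviewed) here.
    programs.ssh.knownHosts = {
      "shikoku" = {
        hostNames = [ "shikoku.home" "${metadata.hosts.shikoku.addrs.v4}" ];
        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH18c6kcorVbK2TwCgdewL6nQf29Cd5BVTeq8nRYUigm";
      };
      "aomi" = {
        hostNames = [ "aomi.home" "${metadata.hosts.aomi.addrs.v4}" ];
        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME";
      };
    };
  };
}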